Privacy Policy

Last updated: April 20, 2020

This Privacy Policy describes Our policies and procedures on the processing of Your personal data when You use our service (hereinafter the “Service” as defined below) and tells You about Your privacy rights and how the law protects You.
We use Your Personal data to provide and improve the Service. Before using the Service, please read this Privacy Policy.

Interpretation and Definitions

Interpretation
The words of which the initial letter is capitalized have meanings defined hereafter.
The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.

Definitions
For the purposes of this Privacy Policy:

You or the User means the physical person accessing or using the Service.
Under GDPR ((EU) General Data Protection Regulation no. 679/2016), You can be referred to as the Data Subject namely the identified or identifiable natural person to whom personal data refers.

Company (referred to also as “We”, “Us” or “Our” in this Privacy Policy) refers to 1MED SA, Via Campagna 13, Agno – Switzerland.
For the purpose of the GDPR, the Company is the Data Controller.

Data Controller, refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.

Representative means a natural or legal person established in the European Union who, designated by the Data Controller in writing represents the Data Controller or processor with regard to their obligations under the GDPR.

Affiliate means an entity that controls, is controlled by or is under common control with a party, where “control” means ownership of 50% or more of the shares, equity interest or other securities entitled to vote for election of directors or other managing authority.

Account means a unique account created for You to access our Service or parts of our Service.

Website refers to 1MED website, accessible from https://1med.ch/

Service refers to the service rendered through the Website.

Country refers to: Switzerland

Service Provider refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. For the purpose of the GDPR, Service Providers are Data Processors as they carry out personal data processing activities on behalf of the Company.

Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection,
recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not;

Third-party Social Media Service refers to any website or any social network website through which a User can log in or create an account to use the Service.

Personal Data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

• Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Information on the processing of Personal Data according to article 13 of the GDPR

Identity and contact details of the Data Controller and its Representative

The Data Controller is 1MED SA, Via Campagna 13, Agno – Switzerland and can be reached at the following e-mail address: info@1med.ch or by visiting this page on our Website:
https://1med.ch/contact-us/

Types of Data that We process Identification Data

While using Our Service, We may ask You to provide Us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
• Email address
• First name and last name
• Phone number

Usage Data

We will also collect your Usage Data automatically when using the Service.
Usage Data may include information such as Your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile Internet browser You use, unique device identifiers and other diagnostic data.
We may also collect information that Your browser sends whenever You visit our Service or when You access the Service by or through a mobile device.

Purposes and legal basis of processing of Personal Data
The Company may use Personal Data for the following purposes:
a) To provide and maintain our Service, including to monitor the usage of our Service. In this case, the legal basis of processing is the necessity to manage the Website and the delivery of the Service.

b) To manage Your Account: to manage Your registration as a user of the Service. The
Personal Data You provide can give You access to different functionalities of the Service that are available to You as a registered user. In this case, the legal basis of processing is the necessity to manage the Website and the delivery of the Service.
c) To contact You: To contact You by email, telephone calls, SMS, or other equivalent forms of electronic communication, such as a mobile application’s push notifications regarding updates or informative communications related to the functionalities, products or contracted services, including the security updates, when necessary or reasonable for their implementation. In this case, the legal basis of processing is the necessity to manage the Website and the delivery of the Service.
d) To manage Your requests: To attend and manage Your requests to Us. In this
case, the legal basis of processing is the necessity to take steps at the request of the Data Subject.
e) To provide You with news, special offers and general information about other
goods, services and events which we offer that are similar to those that You have already purchased or enquired about. In this case, the legal basis of processing is Your facultative consent.
f) For the performance of a contract: the development, compliance and undertaking of the purchase contract for the products, items or services You have purchased or of any other contract with Us through the Service. In this case, the legal basis of processing is the necessity to perform a contract to which the Data Subject is party.
g) For the legitimate interest of the Company, such as: (i) in a merger, acquisition
or asset sale; (ii) to protect and defend the rights or property of the Company; or (iii) to prevent or investigate possible wrongdoing and digital fraud in connection with the Service. In this case, the legal basis of processing is the legitimate interest of the Company
h) To comply with legal obligation and respond to requests from public
authorities. In this case, the legal basis of processing is the necessity to comply with mandatory requirements of applicable legislation.

It is not mandatory to provide Your data but the failure to provide it makes it impossible to
create Your personal account and to manage Your requests.

Categories of recipients of the Personal Data
We may share your personal information with the following recipients:
Service Providers: We may share Your personal information with Service Providers to
monitor and analyze the use of our Service, to show advertisements to You to help support
and maintain Our Service, to contact You, to advertise on third party websites to You after You visited our Service or for payment processing.
Other companies in case of business transfers: We may share or transfer Your personal information in connection with, or during negotiations of, any merger, sale of Company assets, financing, or acquisition of all or a portion of our business to another company.
Affiliates: We may share Your information with Our affiliates, in which case we will require those affiliates to honor this Privacy Policy. Affiliates include Our parent company and any other subsidiaries, joint venture partners or other companies that We control or that are under common control with Us. Details of our Affiliate are as follows: 1MED SUCURSAL EN ESPAÑA, with registered addressed in Madrid, Calle Velazquez 80, 5o izquierda, 28001, P.I.V.A. W0395065F.
With Business partners: We may share Your information with Our business partners to offer You certain products, services or promotions. Details of our Affiliate are as follows: 1MED SUCURSAL EN ESPAÑA, with registered addressed in Madrid, Calle Velazquez 80, 5o izquierda, 28001, P.I.V.A. W0395065F.
With other users: when You share personal information or otherwise interact in the public areas with other users, such information may be viewed by all users and may be publicly distributed outside. If You interact with other users or register through a Third-Party Social Media Service, Your contacts on the Third-Party Social Media Service may see Your name, profile, pictures and description of Your activity. Similarly, other users will be able to view descriptions of Your activity, communicate with You and view Your profile.
Public Authorities (e.g. a court or a government agency), if required to do so by law or in response to valid requests.

Retention of Your Personal Data
The Company will retain Your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. The criterion used to determine the storage period of Your Personal Data is based on compliance with time limits permitted by law and the principles of data minimization, storage limitation or rational management of our records.
In any case, the following maximum time limits apply for the retention of your personal data:
1. data acquired for the purposes defined under letters a), b), c) d) and f) of the
paragraph “Purposes and legal basis of processing of Personal Data” is kept solely for
the period of time strictly necessary to allow the User to use the Website or Service or to
respond to User’s requests;
2. data acquired for the purposes defined under letter e) is kept solely for the period of
time strictly necessary to accomplish the purposes for which it was originally acquired
and, in any case, will be deleted once the user ceases to interact with the Site or decides to revoke their consent.
3. data acquired for the purposes defined under letter g) of the paragraph “Purposes
and legal basis of processing of Personal Data” is kept solely for the period of time strictly necessary to pursue the legitimate interests of the Company.
4. data acquired for the purposes defined under letter h) of the paragraph “Purposes
and legal basis of processing of Personal Data” is kept for ten (10) years in order to fulfill legal and regulatory obligations and to respond to possible request from public authorities;

Transfer of Your Personal Data
Your Personal Data is processed at the Company’s operating offices located at Via Campagna 13, Agno – Switzerland. In any case, We do not transmit Personal Data to countries situated outside the European Economic Area (EEA).

Your Rights under the GDPR
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
You have the right to:
Request access to Your Personal Data. This also enables You to obtain from the Company confirmation as to whether or not Your Personal Data is being processed and to receive a copy of the Personal Data We hold about You.
Request rectification of Your Personal Data. You have the right to have any incomplete or inaccurate information We hold about You corrected or updated.
Object to processing of Your Personal Data. This right exists where We are relying on a legitimate interest as the legal basis for Our processing and there is something about Your particular situation, which makes You want to object to our processing of Your Personal Data on this ground. You also have the right to object where We are processing Your Personal Data for direct marketing purposes.
Request erasure of Your Personal Data. You have the right to ask Us to delete or remove Personal Data when there is no good reason for Us to continue processing it.
Request the restriction of processing. You have the right to obtain from the Company restriction of processing.
Request the portability of Your Personal Data. We will provide to You, or to a third-data controller You have chosen, Your Personal Data in a structured, commonly used, machine- readable format. Please note that this right only applies to Personal Data, processed with automated means, which You initially provided consent for Us to use or where We used the information to perform a contract with You.
Withdraw Your consent. You have the right to withdraw Your consent freely and at any time.
The right to lodge a complaint before the supervisory authority without prejudice to any other administrative or judicial remedy. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.

Exercising of Your GDPR Data Protection Rights
You may exercise Your rights by contacting Us to the operational head office of the Company, at Via Campagna 13, Agno – Switzerland, or to the e-mail address info@1med.ch . Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, We will try our best to respond to You as soon as possible.

Children’s Privacy

Our Service does not address anyone under the age of 13. We do not knowingly collect personally identifiable information from anyone under the age of 13. If You are a parent or guardian and You are aware that Your child has provided Us with Personal Data, please contact Us. If We become aware that We have collected Personal Data from anyone under the age of 13 without verification of parental consent, We take steps to remove that information from Our servers.

Links to Other Websites

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party’s site. We strongly advise You to review the Privacy Policy of every site You visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.